@inproceedings{
 title = {OSG PKI transition: Experiences and lessons learned},
 type = {inproceedings},
 year = {2014},
 keywords = {Authentication; Distributed computer systems; Proj,Certificate Services; Federated identity; Identit,Public key cryptography},
 volume = {23-28-Marc},
 websites = {https://www.scopus.com/inward/record.uri?eid=2-s2.0-84976287425&partnerID=40&md5=91fa0ceddc7a53735878e4a650ae9d76},
 publisher = {Proceedings of Science (PoS)},
 id = {b38e74ab-7e24-3aa6-aae8-390a47f6aa11},
 created = {2018-02-27T18:07:39.588Z},
 file_attached = {false},
 profile_id = {42d295c0-0737-38d6-8b43-508cab6ea85d},
 group_id = {411048e7-0d47-3d3c-90c2-fad3d2bd6235},
 last_modified = {2018-02-27T18:07:39.588Z},
 read = {false},
 starred = {false},
 authored = {false},
 confirmed = {true},
 hidden = {false},
 citation_key = {Welch2014},
 source_type = {conference},
 notes = {cited By 0; Conference of International Symposium on Grids and Clouds, ISGC 2014 ; Conference Date: 23 March 2014 Through 28 March 2014; Conference Code:121995},
 private_publication = {false},
 abstract = {Over the course of 2012-13 the Open Science Grid (OSG) transitioned the identity management system for its science user community from the DOE Grids public key infrastructure (PKI) to a new OSG PKI. This transition was significant in its scope, touching on nearly all aspects of the OSG infrastructure and community. The transition also entailed the adoption of a commercial certificate service as a key component of OSG's PKI. This transition offers a rare opportunity to better understand identity management and how to prepare for and implement changes in an identity management system. In this paper, we describe OSG's transition and lessons learned from it. We discuss the overall project management approach, including a division of the project into planning, piloting, design, development, implementation and transition phases. We discuss the considered alternatives, both for implementations of the OSG PKI as well as alternatives to a PKI such as federated identity, as well as the criteria we used to make our decision. We conclude with a set of lessons learned from both implementation and in retrospect, and a set of recommendations for other identity systems. © Copyright owned by the author(s) under the terms of the Creative Commons Attribution-NonCommercial-ShareAlike Licence.},
 bibtype = {inproceedings},
 author = {Welch, V and Deximo, A and Hayashi, S and Khadke, V D and Mathure, R and Quick, R and Altunay, M and Sehgal, C S and Tiradani, A and Basney, J},
 booktitle = {Proceedings of Science}
}

{"_id":"uqc4RnSeiW6YFf6qf","bibbaseid":"welch-deximo-hayashi-khadke-mathure-quick-altunay-sehgal-etal-osgpkitransitionexperiencesandlessonslearned-2014","downloads":0,"creationDate":"2018-03-12T18:07:03.559Z","title":"OSG PKI transition: Experiences and lessons learned","author_short":["Welch, V.","Deximo, A.","Hayashi, S.","Khadke, V., D.","Mathure, R.","Quick, R.","Altunay, M.","Sehgal, C., S.","Tiradani, A.","Basney, J."],"year":2014,"bibtype":"inproceedings","biburl":"https://bibbase.org/service/mendeley/42d295c0-0737-38d6-8b43-508cab6ea85d","bibdata":{"title":"OSG PKI transition: Experiences and lessons learned","type":"inproceedings","year":"2014","keywords":"Authentication; Distributed computer systems; Proj,Certificate Services; Federated identity; Identit,Public key cryptography","volume":"23-28-Marc","websites":"https://www.scopus.com/inward/record.uri?eid=2-s2.0-84976287425&partnerID=40&md5=91fa0ceddc7a53735878e4a650ae9d76","publisher":"Proceedings of Science (PoS)","id":"b38e74ab-7e24-3aa6-aae8-390a47f6aa11","created":"2018-02-27T18:07:39.588Z","file_attached":false,"profile_id":"42d295c0-0737-38d6-8b43-508cab6ea85d","group_id":"411048e7-0d47-3d3c-90c2-fad3d2bd6235","last_modified":"2018-02-27T18:07:39.588Z","read":false,"starred":false,"authored":false,"confirmed":"true","hidden":false,"citation_key":"Welch2014","source_type":"conference","notes":"cited By 0; Conference of International Symposium on Grids and Clouds, ISGC 2014 ; Conference Date: 23 March 2014 Through 28 March 2014; Conference Code:121995","private_publication":false,"abstract":"Over the course of 2012-13 the Open Science Grid (OSG) transitioned the identity management system for its science user community from the DOE Grids public key infrastructure (PKI) to a new OSG PKI. This transition was significant in its scope, touching on nearly all aspects of the OSG infrastructure and community. The transition also entailed the adoption of a commercial certificate service as a key component of OSG's PKI. This transition offers a rare opportunity to better understand identity management and how to prepare for and implement changes in an identity management system. In this paper, we describe OSG's transition and lessons learned from it. We discuss the overall project management approach, including a division of the project into planning, piloting, design, development, implementation and transition phases. We discuss the considered alternatives, both for implementations of the OSG PKI as well as alternatives to a PKI such as federated identity, as well as the criteria we used to make our decision. We conclude with a set of lessons learned from both implementation and in retrospect, and a set of recommendations for other identity systems. © Copyright owned by the author(s) under the terms of the Creative Commons Attribution-NonCommercial-ShareAlike Licence.","bibtype":"inproceedings","author":"Welch, V and Deximo, A and Hayashi, S and Khadke, V D and Mathure, R and Quick, R and Altunay, M and Sehgal, C S and Tiradani, A and Basney, J","booktitle":"Proceedings of Science","bibtex":"@inproceedings{\n title = {OSG PKI transition: Experiences and lessons learned},\n type = {inproceedings},\n year = {2014},\n keywords = {Authentication; Distributed computer systems; Proj,Certificate Services; Federated identity; Identit,Public key cryptography},\n volume = {23-28-Marc},\n websites = {https://www.scopus.com/inward/record.uri?eid=2-s2.0-84976287425&partnerID=40&md5=91fa0ceddc7a53735878e4a650ae9d76},\n publisher = {Proceedings of Science (PoS)},\n id = {b38e74ab-7e24-3aa6-aae8-390a47f6aa11},\n created = {2018-02-27T18:07:39.588Z},\n file_attached = {false},\n profile_id = {42d295c0-0737-38d6-8b43-508cab6ea85d},\n group_id = {411048e7-0d47-3d3c-90c2-fad3d2bd6235},\n last_modified = {2018-02-27T18:07:39.588Z},\n read = {false},\n starred = {false},\n authored = {false},\n confirmed = {true},\n hidden = {false},\n citation_key = {Welch2014},\n source_type = {conference},\n notes = {cited By 0; Conference of International Symposium on Grids and Clouds, ISGC 2014 ; Conference Date: 23 March 2014 Through 28 March 2014; Conference Code:121995},\n private_publication = {false},\n abstract = {Over the course of 2012-13 the Open Science Grid (OSG) transitioned the identity management system for its science user community from the DOE Grids public key infrastructure (PKI) to a new OSG PKI. This transition was significant in its scope, touching on nearly all aspects of the OSG infrastructure and community. The transition also entailed the adoption of a commercial certificate service as a key component of OSG's PKI. This transition offers a rare opportunity to better understand identity management and how to prepare for and implement changes in an identity management system. In this paper, we describe OSG's transition and lessons learned from it. We discuss the overall project management approach, including a division of the project into planning, piloting, design, development, implementation and transition phases. We discuss the considered alternatives, both for implementations of the OSG PKI as well as alternatives to a PKI such as federated identity, as well as the criteria we used to make our decision. We conclude with a set of lessons learned from both implementation and in retrospect, and a set of recommendations for other identity systems. © Copyright owned by the author(s) under the terms of the Creative Commons Attribution-NonCommercial-ShareAlike Licence.},\n bibtype = {inproceedings},\n author = {Welch, V and Deximo, A and Hayashi, S and Khadke, V D and Mathure, R and Quick, R and Altunay, M and Sehgal, C S and Tiradani, A and Basney, J},\n booktitle = {Proceedings of Science}\n}","author_short":["Welch, V.","Deximo, A.","Hayashi, S.","Khadke, V., D.","Mathure, R.","Quick, R.","Altunay, M.","Sehgal, C., S.","Tiradani, A.","Basney, J."],"urls":{"Website":"https://www.scopus.com/inward/record.uri?eid=2-s2.0-84976287425&partnerID=40&md5=91fa0ceddc7a53735878e4a650ae9d76"},"biburl":"https://bibbase.org/service/mendeley/42d295c0-0737-38d6-8b43-508cab6ea85d","bibbaseid":"welch-deximo-hayashi-khadke-mathure-quick-altunay-sehgal-etal-osgpkitransitionexperiencesandlessonslearned-2014","role":"author","keyword":["Authentication; Distributed computer systems; Proj","Certificate Services; Federated identity; Identit","Public key cryptography"],"metadata":{"authorlinks":{}},"downloads":0},"search_terms":["osg","pki","transition","experiences","lessons","learned","welch","deximo","hayashi","khadke","mathure","quick","altunay","sehgal","tiradani","basney"],"keywords":["authentication; distributed computer systems; proj","certificate services; federated identity; identit","public key cryptography"],"authorIDs":[],"dataSources":["zgahneP4uAjKbudrQ","ya2CyA73rpZseyrZ8"]}